| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: require write permissions for locking and badblock ioctls\n\nMEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require\nwrite permission. Depending on the hardware MEMLOCK might even be\nwrite-once, e.g. for SPI-NOR flashes with their WP# tied to GND. OTPLOCK\nis always write-once.\n\nMEMSETBADBLOCK modifies the bad block table." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/mtd/mtdchar.c" |
| ], |
| "versions": [ |
| { |
| "version": "1c9f9125892a43901438bf704ada6b7019e2a884", |
| "lessThan": "f4d28d8b9b0e7c4ae04214b8d7e0b0466ec6bcaf", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "583d42400532fbd6228b0254d7c732b771e4750d", |
| "lessThan": "9625b00cac6630479c0ff4b9fafa88bee636e1f0", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "389c74c218d3b182e9cd767e98cee0e0fd0dabaa", |
| "lessThan": "f73b29819c6314c0ba8b7d5892dfb03487424bee", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "ab1a602a9cea98aa37b2e6851b168d2a2633a58d", |
| "lessThan": "75ed985bd6c8ac1d4e673e93ea9d96c9908c1d37", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "9a53e8bd59d9f070505e51d3fd19606a270e6b93", |
| "lessThan": "5880afefe0cb9b2d5e801816acd58bfe91a96981", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "f7e6b19bc76471ba03725fe58e0c218a3d6266c3", |
| "lessThan": "7b6552719c0ccbbea29dde4be141da54fdb5877e", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "f7e6b19bc76471ba03725fe58e0c218a3d6266c3", |
| "lessThan": "077259f5e777c3c8821f6b41dee709fcda27306b", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "f7e6b19bc76471ba03725fe58e0c218a3d6266c3", |
| "lessThan": "a08799d3e8c8088640956237c183f83463c39668", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "f7e6b19bc76471ba03725fe58e0c218a3d6266c3", |
| "lessThan": "1e97743fd180981bef5f01402342bb54bf1c6366", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "36a8b2f49235e63ab3f901fe12e1b6732f075c2e", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "eb3d82abc335624a5e8ecfb75aba0b684e2dc4db", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/mtd/mtdchar.c" |
| ], |
| "versions": [ |
| { |
| "version": "5.9", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "5.9", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.4.269", |
| "lessThanOrEqual": "4.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.9.269", |
| "lessThanOrEqual": "4.9.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.14.233", |
| "lessThanOrEqual": "4.14.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.191", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.119", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.37", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.11.21", |
| "lessThanOrEqual": "5.11.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.12.4", |
| "lessThanOrEqual": "5.12.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.13", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4.233", |
| "versionEndExcluding": "4.4.269" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.9.233", |
| "versionEndExcluding": "4.9.269" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.14.194", |
| "versionEndExcluding": "4.14.233" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.19.139", |
| "versionEndExcluding": "4.19.191" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.4.58", |
| "versionEndExcluding": "5.4.119" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.9", |
| "versionEndExcluding": "5.10.37" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.9", |
| "versionEndExcluding": "5.11.21" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.9", |
| "versionEndExcluding": "5.12.4" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.9", |
| "versionEndExcluding": "5.13" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.7.15" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.8.1" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/f4d28d8b9b0e7c4ae04214b8d7e0b0466ec6bcaf" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/9625b00cac6630479c0ff4b9fafa88bee636e1f0" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/f73b29819c6314c0ba8b7d5892dfb03487424bee" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/75ed985bd6c8ac1d4e673e93ea9d96c9908c1d37" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/5880afefe0cb9b2d5e801816acd58bfe91a96981" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/7b6552719c0ccbbea29dde4be141da54fdb5877e" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/077259f5e777c3c8821f6b41dee709fcda27306b" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/a08799d3e8c8088640956237c183f83463c39668" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/1e97743fd180981bef5f01402342bb54bf1c6366" |
| } |
| ], |
| "title": "mtd: require write permissions for locking and badblock ioctls", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2021-47055", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
